Kaspersky Small Office Security

Kaspersky Small Office Security (which begins at $149.99 per year for five users) protects Windows desktops and servers, Mac, and Android devices. The product includes file-based anti-malware protections, application control, System Watcher behavior-based anti-malware protections, firewall, email, web and IM anti-malware scanning, all of which provided outstanding endpoint protection in my testing. The five-user package also includes one file server, five mobiles, five password managers, and features such as ad blocking, Safe Money (protects financial information and transactions in a sandboxed browser), a password manager, data encryption, backup, and web content policy management.

That’s all great, except that Kaspersky Small Office Security isn’t a business product as far as I’m concerned. The web-based management console does little more than provide the status of individual systems at a glance and allow the administrator to change basic protection settings, such as application control on or off, and launch scans. Granular settings, such as which applications are allowed or not, require access to the client running on the endpoint. Kaspersky’s emphasis is on simplicity and protection, not on providing business features. As such, it pales in comparison to the innovative policy management mechanics of Editors’ Choice Webroot SecureAnywhere Business Endpoint Protection and will only appeal to very small businesses that are currently running consumer anti-malware and are looking to take a very small step forward.

We chose to review Kaspersky Small Office Security because it is the only Kaspersky business product offering a hosted management console. Kaspersky’s on-premises solution, Kaspersky Endpoint Security for Business, contains business-class policy-based endpoint management and reporting features. Kaspersky’s web-based management console is two to three years behind the competition, such as Panda Security Endpoint Protection, Avast Software Premium Business Security, F-Secure Protection Service for Business, and Bitdefender GravityZone Business Security—and just about anyone else that calls something a business hosted endpoint protection solution.

Lots of Features, Very Little Central Control

When you deploy Kaspersky Small Office Security, you’re either going to ask your end-users to manage their own endpoint protection, or you’re going to have to touch each machine to do it for them. The depth and breadth of features, information and settings available from the client software is similar to that of Kaspersky consumer products, such as Kaspersky Total Security.

However, from the web-based management console you’ll only have access to roughly a dozen settings and three actions. Almost all settings are accessed by navigating to a specific endpoint, clicking on Components, and then toggling protections, such as file antivirus, application control, and network attack blocker, on or off. The console lacks the ability to set policy or to work with groups of endpoints, so you’ll have to do this on a machine-by-machine basis. Many of the other endpoint solutions I tested, including McAfee Endpoint Protection Essential for SMBs and Trend Micro Worry-Free Business Security Services, offer easily configurable group endpoint management. Any granular settings, and there are plenty of them, will need to be made by directly accessing the client software itself.

Deploying the client software requires accessing each endpoint. The installer can be downloaded directly from the Kaspersky website, or the link can be emailed to users. There is no capacity for downloading an installation package that could be pushed through your usual management tools, like that offered by F-Secure Protection Service for Business and Panda Security Endpoint Protection. Installation took about 20 minutes and required a 162 MB download.

During installation, I was dismayed to see I had to enter an activation code and later import each endpoint into the web-based management console. This is the only small to midsize business (SMB)-hosted endpoint protection product I’ve reviewed that doesn’t automatically group endpoints under the same company license together.

There’s another problem with Kaspersky Small Office Security. When I tried to use the management console to make changes to offline machines, I got a message that the change couldn’t be made and that it would be attempted for seven days. So if you’ve got an employee on vacation, their device essentially becomes unmanageable. I find this completely unacceptable because it can lead to inconsistent application of security settings.

More Than Anti-Malware

Kaspersky Small Office Security includes a number of features that go beyond the malware protection offered by others in this category to include Safe Money, Password Manager, Data Encryption, Backup and Web Policy Management. Safe Money protects users while they browse financial websites. These sites are opened in Kaspersky’s protected browser, which is isolated from other processes to protect against screen-scraping and keylogging malware that would steal banking credentials. I found that this worked well and was unobtrusive during my testing.

The Android client provides anti-malware and Web protections, plus anti-theft features such as locate, remote wipe, and protection of personal data such as contacts, call logs and text messages.

Reporting and Help

Kaspersky Small Office Security offers no reporting capabilities. The best you can get are green check marks next to the device name to indicate that the databases and application are up to date, no active threats are detected, main protection components are running, and licenses are in effect. Both Kaspersky and Avast Software Premium Business Security lack reporting, and this is grossly insufficient for a business.

Kaspersky does a good job of explaining the few settings and actions that can be managed from the Web-based console, though. Each page has a question mark on the top right that opens context-sensitive help in another browser window.

Test Results

To test Kaspersky’s ability to block web-based attacks, I used a feed of newly-discovered malicious URLs supplied by MRG-Effitas. These links come and go extremely quickly; many of them are gone within hours.

For each still-functioning URL, I recorded whether Kaspersky blocked access in the browser, wiped out the download, or failed to identify and block the download at all. I tested 60 valid URLs. Kaspersky’s performance was excellent, blocking 62 percent of the malicious URLs and the malware they attempted to download. A score of 62 percent shows how competitive the SMB hosted endpoint protection market has become, in that this is an excellent score compared to endpoint protection in general, yet in this round of testing Kaspersky trails behind Panda Endpoint Protection, Avast Software Premium Business Security, Bitdefender GravityZone Business Security, and F-Secure Protection Service for Business.

To measure Kaspersky’s ability to protect against fraudulent websites, I used a set of recently reported phishing URLs. I fed the same set of URLs simultaneously to four test systems, each with a different form of protection. The first was my Kaspersky test machine. The remaining three used the protection built into Google Chrome, Internet Explorer, and Mozilla Firefox.

Kaspersky’s anti-phishing performance was admirable, outperforming the built-in protections of Chrome by 76 percent, Internet Explorer by 37 percent, and Firefox by 29 percent. Kaspersky blows away Bitdefender GravityZone Business Security, Avast Software Premium Business Security, Panda Endpoint Protection, and F-Secure Protection Service for Business in this protection category.

To assess Kaspersky’s active protections, in particular the ability of the active protections not to block legitimate applications, I installed a group of 20 PCMag.com utilities. No surprises here: Kaspersky allowed me to install and execute them all with no false positives.

To test the firewall, I attacked my test systems using 30 exploits generated by the Core Impact Pro penetration testing tool and none of them breached security. Kaspersky actively detected and blocked the attacks, as did Bitdefender GravityZone Business Security and Panda Security Endpoint Protection.

The independent testing labs strongly endorse Kaspersky. It gets top ratings from all of the ones I follow, including a perfect score in AV-Test Institute’s three-part evaluation, a perfect AAA rating from Dennis Technology Labs, and five Advanced+ scores from AV-Comparatives.

Kaspersky Small Office Security 2017 Update

In its latest version, Kaspersky Small Office Security has added private browsing that prevents websites from using durable tracking cookies, webcam protection that blocks apps from surreptitiously spying on users through the webcam, and multi-level ransomware protection that employs a novel technique to aid the app in preventing damage from software trying to perform unauthorized encryption.

The first layer of Kaspersky’s anti-ransomware protection is built-in data backup that can reside on any target chosen by administrators. The anti-ransomware doesn’t use signatures to block ransomware’s execution; it allows the dodgy app to begin its work, tracks the suspicious activity, and then shuts down the operation before it goes very far. To make stopping ransomware easier, Kaspersky Small Office Security slows the workstation’s system clock while remediation takes place. Once the ransomware has been stopped and the offending software disabled, the affected files are restored from the security suite’s backup.

Kaspersky Small Office Security’s cloud management console is improved but still a mixed bag. On the one hand, managing the security functions on the organization’s workstations is straightforward if simplistic. Since a firewall is not part of Kaspersky Small Office Security, there’s no need for complex rules. Scans can be started and software components installed from the central management console. On the other hand, there’s no centralized reporting of what the collected scans have found or of the overall status of the organization’s workstations. Superb workstation protection remains somewhat hobbled by management that doesn’t go all of the way to the feature set business IT managers expect.